| 1 |
On Thu, 2010-01-07 at 16:40 -0800, Mark Knecht wrote: |
| 2 |
|
| 3 |
> 2) The idea of end-users installing ebuilds themselves from an unknown |
| 4 |
> individual delivered through an email list is about as insane as it |
| 5 |
> could be. Just what I need is an untested ebuild that I install and |
| 6 |
> build myself stealing everything on my system. |
| 7 |
|
| 8 |
"Note that if I can get you to "su and say" something just by asking, |
| 9 |
you have a very serious security problem on your system and you should |
| 10 |
look into it." |
| 11 |
-- Paul Vixie, vixie-cron 3.0.1 installation notes |
| 12 |
|
| 13 |
the problem there would be with the end-user, not malicious-Ronan, IMHO |
| 14 |
|
| 15 |
> As a user and someone who cares about Gentoo I'd like to see ALL |
| 16 |
> ebuilds banned from this list. |
| 17 |
|
| 18 |
Negatory Ghost Rider! Ban ebuild attachments, then someone says |
| 19 |
"install this ebuild I wrote from http://root.kit.org/die.ebuild ..." |
| 20 |
then what? Ban links too? |
| 21 |
|
| 22 |
Gentoo is about learning (and lots of other stuff too) so if it takes |
| 23 |
your system to crash before you learn not to run untrusted executables, |
| 24 |
then that's what it takes. I have pretty darn good and regular backups, |
| 25 |
but only because I once fsck'd my filesystem without them, and I know |
| 26 |
how much of a pain that is. |
| 27 |
|
| 28 |
> Only takes one bad seed and one |
| 29 |
> not-very knowledgeable user like me to give the distro a black eye it |
| 30 |
> doesn't deserve. |
| 31 |
|
| 32 |
You know enough not to try it though. It's also easy for someone to |
| 33 |
reply with a BIG FAT WARNING stating as much to others. I think this |
| 34 |
distro has enough bruises that it's toughened up a bit :) Any by the |
| 35 |
stage a user can make an overlay, manifest, etc. I think they know a |
| 36 |
little bit already. |
| 37 |
|
| 38 |
> Yeah, I'm paranoid... |
| 39 |
|
| 40 |
It's ok to be paranoid, they really _are_ out to get you ;) |
| 41 |
|
| 42 |
But seriously: warn people, sure. Learn about security & ebuilds, sure. |
| 43 |
Ban them? Not such a good idea IMHO :) |
| 44 |
|
| 45 |
> Cheers, |
| 46 |
> Mark |
| 47 |
|
| 48 |
catchya, |
| 49 |
-- |
| 50 |
Iain Buchanan <iaindb at netspace dot net dot au> |
| 51 |
|
| 52 |
Ralph's Observation: |
| 53 |
It is a mistake to let any mechanical object realise that you |
| 54 |
are in a hurry. |
Archives